Privacy Policy
This policy explains what personal data we collect when you use Untolds, why we process it, who we share it with, and the rights you have under the GDPR.
Effective 9 May 2026
1. Who we are
Untolds is operated by an individual based in the European Union (the "Operator", "we", "us"). For any privacy-related question, request, or complaint you can reach us at legal@untolds.chat.
For the purposes of the EU General Data Protection Regulation (GDPR), the Operator is the data controller of the personal data described below.
2. Scope
This policy covers the Untolds website and chat service (the "Service"). It does not cover third-party websites or services we link to.
3. Data we collect
3.1 Account data
When you create an account through our authentication provider (Clerk), we collect and store your email address, your chosen username and display name, and the invite code you used to register. We also store a record of the fact that you confirmed you are 18 or older.
3.2 Chat and content data
We store the messages you send and the messages our AI personas send back. Message bodies are encrypted at rest. We also store the prompts and parameters used to generate images, video, and audio, and the resulting media files.
3.3 In-game state
We store the state of your interactions with each persona: the virtual in-game balance ("Sparks", see our Terms of Service), relationship metrics, unlocked content, transgression history, and similar gameplay state.
3.4 Technical data
Our hosting and infrastructure providers process standard request metadata (IP address, user agent, timestamps) for security, abuse prevention, and operational logging. We do not use this data to build advertising profiles.
For aggregate traffic measurement we use Vercel Web Analytics, a cookieless first-party analytics product provided by our hosting provider Vercel. It records page views, referrers, country, and device type. It does not set cookies, does not write to localStorage, does not fingerprint your device, and does not track you across other sites. To derive a visitor count it computes a daily-rotating salted hash of IP address and user agent, which is discarded after 24 hours. The resulting statistics are aggregated and visible only to us. See section 13 and our Cookies Notice.
3.5 Local browser storage
We store small preferences in your browser (for example, the confirmation that you are 18+, your UI preferences, and the authentication session managed by Clerk). We do not use third-party advertising or analytics cookies.
3.6 Payment data
Paid plans and Sparks bundles are settled in cryptocurrency through our third-party payment processor, NowPayments. NowPayments operates independently as the data controller for the payment flow on its own platform; we are the data controller for the record of the transaction inside the Service. The information we receive and store in connection with each payment is limited to:
- a NowPayments invoice or payment identifier and its status (pending, confirmed, failed, expired);
- the cryptocurrency and network used, the on-chain transaction hash where applicable, and the amount paid;
- the fiat-equivalent price quoted, the plan or bundle purchased, and the resulting credit applied to your account;
- timestamps of the transaction.
We do not receive your card data, bank-account details, or government ID through this flow, and we do not perform Know-Your-Customer (KYC) checks. NowPayments may itself collect additional information under its own privacy policy and applicable anti-money-laundering rules; in that case NowPayments is the controller for that processing.
4. What we do not collect
- We do not store card data or banking instruments. Paid plans and Sparks bundles are settled in cryptocurrency through our payment processor NowPayments (see sections 3.6 and 7); we receive only the transaction metadata described there. In-game Sparks remain in-game tokens with no monetary or real-world value.
- We do not collect biometric or government-ID data.
- We do not embed third-party advertising trackers, social pixels, or analytics products that profile users across sites.
- We do not knowingly collect any data from anyone under 18 (see section 11).
5. Why we process your data (lawful bases)
- Performance of a contract (GDPR Art. 6(1)(b)): to provide the Service you signed up for, which includes delivering chat, generating media, and persisting your state.
- Legitimate interests (GDPR Art. 6(1)(f)): to keep the Service safe, prevent abuse, enforce our Terms, debug failures, and meet our legal obligations around prohibited content.
- Consent (GDPR Art. 6(1)(a)): for the 18+ confirmation and any optional features you explicitly opt into.
- Legal obligation (GDPR Art. 6(1)(c)): where we are required to retain or disclose data, in particular in response to valid law-enforcement requests concerning illegal content.
6. How we use your data
- To deliver the chat experience and generate AI media you ask for.
- To enforce our Terms and our content-safety rules, including automated and manual review of prompts and outputs.
- To investigate suspected abuse, fraud, or violations of law, and to cooperate with authorities where legally required.
- To improve the quality of the Service: debugging, monitoring, and tuning models and prompts.
We do not sell your personal data.
7. Processors and sub-processors
We rely on a small number of trusted providers to operate the Service. Each of them processes data only on our instructions, under written agreements. The current list is:
- Authentication provider: manages sign-in, credentials, and account records.
- Application hosting and edge networking provider: serves the website and routes requests.
- Managed database provider: hosts our primary PostgreSQL database (accounts, messages encrypted at rest, and gameplay state).
- Serverless GPU compute provider: runs the image, video, and audio generation pipeline on machines we control.
- Object-storage provider: stores generated and user-uploaded media. Sensitive media (such as user-uploaded photos) is encrypted before upload so the bytes are unreadable without keys held by us.
- Large language model API provider(s): receive the text of your conversations solely to produce a persona reply, under enterprise contracts with zero-retention / no-training terms.
- Aggregate analytics provider (Vercel Web Analytics): provides cookieless, aggregated traffic statistics (page views, referrers, country, device type). No cookies, no localStorage, no cross-site tracking, no device fingerprinting.
- Cryptocurrency payment processor (NowPayments): handles checkout for paid plans and Sparks bundles. NowPayments acts as an independent controller for the payment flow on its own platform; we receive only the transaction metadata described in section 3.6.
We treat the specific identity, version, and configuration of the third-party providers and models behind the Service as commercially sensitive and do not publish that detail. If you need to know whether a particular vendor processes your data for a regulatory or compliance reason, contact us at legal@untolds.chat.
User-Generated Content, meaning the messages you type, prompts you write, persona configurations you create, and files you upload, is not used to train any AI model, neither by us nor by our model providers. We rely on enterprise endpoints with zero data-retention or no-training contractual terms. We will update this policy and notify users in advance if that ever changes.
Platform-Generated Content, meaning the persona replies, images, videos, and audio clips produced by the Service itself, is owned by the Operator and is governed by section 8 of the Terms of Service. The Operator may use Platform-Generated text, images, and video for any purpose, including model training. Platform-Generated audio is treated as sensitive and is subject to the additional restrictions described in section 9 below.
7a. AI systems used and EU AI Act disclosures
Under Article 50 of Regulation (EU) 2024/1689 (the "EU AI Act"), we make the following disclosures about the AI systems embedded in the Service. The corresponding user-facing transparency obligations also appear in our Terms of Service (section 3.3).
- Type of system. Untolds is a generative AI application that combines a chat agent (text) with image, short-form video, and audio generation. It is a limited-risk AI system under the EU AI Act, specifically an AI system intended to interact with natural persons (Art. 50(1)) and an AI system that generates synthetic image, audio, and video content (Art. 50(2) and 50(4)). It is not classified as high-risk under Annex III, and it does not perform emotion recognition, biometric categorisation, social scoring, or any other practice prohibited by Article 5.
- Categories of models. Persona replies are produced by one or more third-party general-purpose AI (GPAI) text models accessed over an API. Image, short-form video, and audio generation run on a pipeline of open-weights diffusion, image-edit, video, and text-to-speech models executed on GPU compute we control. We treat the specific model identifiers, versions, and pipeline configuration as proprietary and do not publish them; the categories above are the extent of public disclosure we make under Art. 50.
- Synthetic-content marking. All images, videos, and audio produced by the Service are labelled in the user interface as AI-generated and, where technically feasible, are marked with machine-readable provenance signals (for example C2PA content credentials or watermarks) so that downstream tools can detect them as synthetic. Removing or hiding those signals is prohibited under the Terms.
- Human oversight and safeguards. Inputs and outputs pass through layered safety filters (input keyword filtering, system-prompt rules, post-generation tag checks, and persona-level refusal rules) designed to block child sexual abuse material, non-consensual sexualisation of real identifiable people, real violence and snuff content, and bestiality. These filters cannot be disabled by users.
- Our role: deployer, not GPAI provider. The Operator deploys, configures, and integrates third-party and open-weights GPAI models inside the Service. The Operator is not the provider of those underlying models within the meaning of the AI Act. Direct AI Act questions or complaints to legal@untolds.chat; we will route them to the relevant upstream provider where appropriate.
- Phased applicability. The Article 5 prohibitions have applied since 2 February 2025 and are implemented as described in section 6 of the Terms of Service. The Article 50 transparency obligations apply from 2 August 2026; the disclosures in this section and in section 3.3 of the Terms are made in compliance with Article 50 and, where their formal application date has not yet been reached, ahead of it on a voluntary basis.
- Right to explanation (Art. 86) does not apply. Article 86 of the AI Act applies only to high-risk AI systems. The Service is not high-risk, so the AI-Act right to an individual explanation of an automated decision does not apply. Your GDPR rights, including Articles 15 (access) and 21 (objection), remain fully available and are described in section 12.
- AI literacy (Art. 4). The Operator and any personnel involved in operating the Service have, and maintain, a sufficient level of AI literacy with respect to the AI systems used, the risks they pose, and the safeguards described in this policy and in the Terms.
8. International transfers
Some of the providers above are based outside the European Economic Area, primarily in the United States. Where data is transferred outside the EEA, we rely on the European Commission's Standard Contractual Clauses and on the providers' supplementary safeguards.
9. Retention
- Account data: kept while your account is active. When you delete your account, we delete or irreversibly anonymise your data within 30 days, except where we are legally required to keep it longer.
- User-Generated Content (messages, prompts, uploads): kept while your account is active or until you delete the relevant conversation or asset. Deleted with your account within 30 days.
- Platform-Generated text, images, and video (non-sensitive): these outputs are owned by the Operator and, as described in section 8.1 of the Terms of Service, may be retained and reused by us independently of your account lifecycle, including after your account is deleted.
- Platform-Generated audio (potentially sensitive): voice notes and other audio clips produced by the Service are synthetic text-to-speech outputs; the Service does not record, capture, or process audio from your microphone or device. These outputs remain the property of the Operator on the same basis as other Platform-Generated Content (see section 8.2 of the Terms of Service) and may be used internally for any purpose, including model training. As a sensitive-content carve-out we voluntarily commit that we do not disclose Platform-Generated audio to any third party other than the infrastructure processors listed in section 7, who act on our instructions; and we delete the audio files associated with your account as part of your user data when you delete your account, within the same 30-day window as account data.
- Backups: encrypted backups may persist for up to 30 days after deletion before being overwritten.
- Safety records: where we have blocked content or taken action for a Terms violation, we may retain a minimal record (timestamps, account identifier, reason) for as long as needed to enforce our rules.
10. Security
Chat messages are encrypted at rest. All traffic to the Service is carried over TLS. Authentication credentials are managed by Clerk and never stored by us in plain text. We restrict internal access to production data to what is strictly necessary to operate the Service.
No system is perfectly secure. If you become aware of a vulnerability or possible breach, please contact us at legal@untolds.chat.
11. Children
The Service is for adults only. You must be at least 18 years old to use it. We do not knowingly collect personal data from anyone under 18. If we learn that an account belongs to a minor, we will terminate it, delete the associated data, and where appropriate report to the relevant authorities.
Age is currently established by self-declaration at the 18+ age gate and at registration; we do not currently operate third-party identity-verification or biometric age-estimation. The product is designed in layers so that the public website's default view displays only safe-for-work imagery, soft-nude previews are delivered blurred and only revealed after an explicit per-image tap by the viewer, and sexually explicit Platform-Generated content is never published; it exists only as private output inside a one-to-one persona chat. The eligibility, jurisdiction, and parental-control sections of the Terms of Service (sections 2.1 to 2.4) describe these arrangements in detail and apply equally to data processing under this Policy.
12. Your rights under the GDPR
If you are in the EEA or the UK, you have the following rights in relation to your personal data:
- Access (Art. 15): obtain confirmation of, and a copy of, the data we hold about you.
- Rectification (Art. 16): correct inaccurate or incomplete data.
- Erasure (Art. 17): ask us to delete your data, subject to limited exceptions.
- Restriction (Art. 18): limit how we process your data in specific circumstances.
- Portability (Art. 20): receive your data in a structured, machine-readable format.
- Objection (Art. 21): object to processing based on our legitimate interests.
- Withdraw consent (Art. 7(3)): at any time, where we rely on consent.
- Lodge a complaint with your national supervisory authority.
To exercise any of these rights, email legal@untolds.chat. We will respond within one month, as required by Art. 12(3) GDPR.
Independently of GDPR, you also have the right under Article 85 of the EU AI Act to lodge a complaint with the national market-surveillance authority of your member state if you believe the Service breaches the AI Act. That right is in addition to your data-protection complaint right above.
13. Cookies and similar technologies
We use only essential storage: the authentication session set by Clerk, the local 18+ confirmation, and your in-app preferences. We do not set advertising or third-party analytics cookies. Aggregate traffic measurement is performed by Vercel Web Analytics, which is cookieless and does not write to your terminal equipment (see section 3.4 and our Cookies Notice). We do not display a cookie banner because no consent is required for strictly necessary storage under the EU ePrivacy Directive.
14. Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the effective date above and, where required, notify you by email or in-app before the change takes effect.
15. Related policies
This Privacy Policy sits alongside our other legal documents. The full index is available at /legal. Complementary documents include:
- Terms of Service: the rules that govern your use of the Service.
- Cookies Notice: what we store in your browser.
- Underage Policy: how we restrict access and respond to suspected underage users.
- Content Removal Policy: how to ask us to remove content.
- Blocked Content Policy: categories that are always blocked.
- DMCA / Copyright Policy: copyright takedown procedure.
- Complaint Policy: how to raise a complaint and external escalation routes.
16. Contact
Questions, requests, or complaints: legal@untolds.chat.